[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug ld/29617] New: Ld segfaults when bfd_close() fails
From: |
nishikawa.k at nec dot com |
Subject: |
[Bug ld/29617] New: Ld segfaults when bfd_close() fails |
Date: |
Mon, 26 Sep 2022 23:42:20 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=29617
Bug ID: 29617
Summary: Ld segfaults when bfd_close() fails
Product: binutils
Version: 2.26
Status: UNCONFIRMED
Severity: minor
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: nishikawa.k at nec dot com
Target Milestone: ---
When the ld linker fails to close an output file (ex. the file on NFS is
removed from another machine), it refers the memory area of the variable for
the output file that is illegally deallocated for outputing message.
This problem occurs in the ld code below.
<ld/ldmain.c>
465 if (! bfd_close (link_info.output_bfd))
466 einfo (_("%F%B: final close failed: %E\n"), link_info.output_bfd);
The "bfd_close" function calls "bclose"(bfd/opncls.c:line 740) to close the
output file pointed to by the argument link_info.output_bfd.
If the file close fails, the "bfd_close" function returns false and the memory
area of the argument "link_info.output_bfd" is deallocated.
And then, when calling the function "einfo" on line 466 of ld/ldmain.c, the
deallocated link_info.output_bfd is referred to and it causes a segmentation
fault.
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug ld/29617] New: Ld segfaults when bfd_close() fails,
nishikawa.k at nec dot com <=